The personal blog of Peter Lee a.k.a. "China Hand"... Life is a comedy to those who think, a tragedy to those who feel, and an open book to those who read. You are welcome to contact China Matters at the address chinamatters --a-- prlee.org or follow me on twitter @chinahand.

Wednesday, December 24, 2014

[Update: An Islamabad court has issued an order for Aziz' arrest. Judging from the Guardian report, characterize the police reaction as "gingerly":

“Police have received the court order and we are trying our best to
implement it,” a police official in capital Islamabad said, requesting
anonymity as he was not authorised to talk to media. CH, 12/28/2014]

If you've been following the @chinahand twitter feed, you know I've been retweeting a stream of tweets from Pakistan civil society stalwarts trying, with some success, to put the focus on Abdul Maulana Aziz and the Lal Masjid mosque in the wake of the Peshawar student massacre on December 16. In that attack, Pakistan Taliban or TTP militants penetrated a military-run school and massacred 132, mostly young students who were the children of military officers.

The Pakistan army is apparently and understandably genuinely infuriated by the murder of the children of their own officers and has killed several dozen Pakistan Taliban in retaliation. It is unclear to me whether these operations are targeting Pakistani Taliban directly implicated in the attack, or if they are broad brush "price tag" attacks that draw a bright line for the TTP not to cross--and leave plenty of space behind the bright line for jihadi skullduggery.

For instance, the current head of the main faction of the TTP, Maulana Fazlullah, (we can't talk of the TTP as a unified group anymore; it has fragmented, with some factions breaking away and declaring allegiance to IS) is apparently not particularly capable or popular and the ISI may have decided to use the furor to forcibly rejigger the leadership structure of his group.

At times like this I greatly miss the insights and knowledge of Saleem Shahzad, the intrepid Asia Times Online reporter who was murdered in May 2011 as he investigated an al Qaeda cell in the high levels of the Pakistan military.

The Afghan Taliban--which is trying to lay the foundation for its eventual domination of Afghan politics with the assistance of Pakistan's security establishment and has little patience with its Pakistan cousin--immediately condemned the attack.

There is a broad and frustrated swath of educated Pakistani opinion that is horrified by what the nation has become, and is hoping the reaction to the Peshawar massacre will rally civil society in favor of an alternate future, in which the nation is not a plaything in the hands of extremists and their military and intelligence enablers.

The only effective anti-TTP political force in Pakistan, the MQM--a rather thuggish party that dominates Karachi through its championing of the interests of the "Mujahir" (immigrants from India at the time of partition) majority and treats the local presence of Pashtuns, extremists and otherwise, as an existential challenge--jumped on the bandwagon with its own vociferous condemnation of the attack, and of Maulana Aziz and the Lal Masjid mosque.

Adbul Maulana Aziz is an unrepentant and, until recently, unapologetic advocate of Islamic extremism. He refused to condemn the Peshawar horror at first, leading to a storm of criticism and a filing of a "First Information Report" or FIR in Pakistan's courts--the first step in a criminal investigation--in Islamabad, and another FIR filed in Karachi by the MQM and accompanied by mass rallies in response to anti-MQM threats allegedly made by the cleric made in a recent sermon.

Maulana Aziz's attention to these challenges was probably accentuated by reports that the Pakistan government was claiming adequate grounds had been found to re-open a clutch of cases against the cleric--cases that had apparently been ditched when the government was cultivating him as its outreach agent to the TTP.

With every appearance of insincerity, Maulana Aziz condemned the massacre on December 21, five days after the event, and, I would think, expects with some justification that he'll be able to ride out the transitory storm of outrage and return to business as usual.

ISLAMABAD: Submitting to a
huge outcry from civil society, the chief cleric of Lal Masjid Maulana
Abdul Aziz apologised for failing to unconditionally condemn the
Peshawar massacre carried out by Taliban on December 16.

“I condemn the killing of schoolchildren and apologise,” Aziz said while talking to The Express Tribune.

The cleric admitted he realised his mistake only after his followers
convinced him. He clarified that he did not threaten any member of civil
society and police have registered FIR against him under social
pressure which is not a good precedent.

Aziz said his personal opinion was unnecessarily propagated in the
media. “I forgave Musharraf for launching military operation against us,
how it is possible that I was not saddened by the killing of innocent
schoolchildren,” he added.

The post reproduced below provides some background on Aziz, why he and the Lal Masjid mosque are at the center of Pakistan Islamic extremism...and why the People's Republic of China is closely and uncomfortably interested in this cleric, his mosque, and the military movement it spawned.

It’s been reported on the always-reliable Twitter by a Pakistan
journalist, Ali Kamran Chishti, that Abdul Maulana Aziz has declared his support
for the “Caliphate of Abu Bakar Baghdadi” i.e. ISIS.“Video to be uploaded soon”.

If confirmed, this is potentially big and bad news for the
People’s Republic of China.

In 2007, after a prolonged and desultory siege, Pakistan
armed forces stormed the mosque, signaling a partial fracture of the de facto
alliance between the Pakistan deep state and radical Islam.

The confrontation was little noted in the West, but it was big news in the People’s Republic of China.

Followers of the Red Mosque had targeted Chinese sex workers as part of a
purification campaign; Uighur students—“terrorists” according to the PRC--were
reportedly ensconced at the mosque; and, as the as the siege muddled slowly on
its initial stages, radical Islamists retaliated against Chinese in other parts
of the country.

In
response the PRC, which at that time relied largely upon
the good offices of its local allies and assets to keep a lid on Uighur
extremism, demanded action. Pervez Musharraf, torn between his
military/intelligence and Chinese constituencies, obliged the PRC by
sending troops personally loyal to him to storm the mosque in a bloody,
catastrophic attack that probably claimed hundreds of lives.

Aziz had previously attempted to escape the siege by disguising himself in
a burka, but was captured and paraded before the cameras in a humiliating
fashion. His brother died in the assault.

Maulana Aziz was released on bail in 2009 and spoke to an adoring
throng.The Guardian described the scene:

The 2007 siege had been a necessary
sacrifice, he told them. "Hundreds were killed, many were injured. But
today the whole country is resounding with cries to implement Islamic law. We
will continue with the struggle.

"Now Islam will not remain
confined to Swat. It will spread all over Pakistan, then all over the
world."

Standing beside him was a senior
leader from Sipa-e-Sahaba, a banned sectarian group that kills Shias, and which
has close ties to the Red mosque.

In 2013, in another murky episode of Pakistan jurisprudence, the over two dozen legal cases against Maulana Aziz
all evaporated without any serious government challenge.

Judging
by Maulana Aziz’s subsequent re-emergence as member
of the Pakistani Taliban’s negotiation team, one can assume his ties to
the ISI intelligence services remain strong, and he was cut loose
with the hope that he would smooth the way in peace talks between the
TTP and
the Pakistani government.

The TTP talks don't seem to be going anywhere, which is bad news for the PRC.

The TTP is
reportedly a willing host to Uzbek and Uighur fighters, and does not adhere to
the basically hands-off strategy toward the PRC followed by many Islamic
militants in the region (China’s links to militants run long and deep, thanks
to its central role in funneling hundreds of millions of dollars of materiel to
the mujihadeen on the CIA’s behalf during the anti-Soviet struggle in
Afghanistan).

Maulana
Aziz is apparently residing in Islamabad, so it remains to be
seen what caveats or qualifications he places upon his ISIS allegiance
in order
to dodge legal jeopardy--and if he and the ISI (Pakistan's Inter
Services Intelligence) will encourage forbearance in the matter of
enabling the training and infiltration of Uighur radicals back into
Xinjiang.

Best case for PRC, the bond holds despite
Maulana Aziz's presumably deep resentment against the PRC for its role
in the siege and the death of his brother, and his apparent sympathy for
the extreme Sunni/sharia stance of ISIS.

Worst case,
the ISI exploits radical forces and exacts a terrorist price tag in
Xinjiang for PRC attempts to balance its support for Pakistan with its
desire to strengthen ties with India, in a recapitulation of the bloody
anti-diplomacy inflicted on Mumbai by Pakistan terror assets in 2008.

But in any case, the awareness that the dots are slowly but
surely getting connected from ISIS to the TTP and onward to Xinjiang will
shadow Beijing’s thoughts, its Uighur security policy, and its diplomacy with
Pakistan, the Afghan Taliban, and its interlocutors among Islamic radicals in
Pakistan’s borderlands.

Below is an excerpt from a piece I wrote in 2007 on the
siege, and the important role that the PRC played.

The provocative kidnapping of 7 PRC nationals compelled Musharraf—reportedly
under heavy Chinese pressure—to abandon a policy of appeasement and compromise
with Islamic militants at the Lal Masjid mosque in Islamabad and, in July of
this year [2007], launch a bloody assault that revealed the extent of the
security crisis at the heart of the Pakistani military regime and displayed to
the U.S. Musharraf’s—and Pakistan’s--wholehearted reliance on China.

In the speech announcing the state of emergency, Musharraf broke into English
to tell us what he hoped we wanted to hear, evoking Lincoln as he tried to
justify his move to the United States, the EU, and the Commonwealth as a
response to judicial activism.

On the other hand, in his remarks in Urdu directed to the local audience as translated by
Barnett Rubin , Musharraf cited the Lal Masjid mosque crisis--not the
pursuit of al Qaeda and its allies in the border regions--as the primary
instance of terrorism and extremism afflicting Pakistan.

And when he commiserated with the victims of terrorism, he took the
opportunity to give a heartfelt shout-out to the Chinese, not to the United
States:

Now. We saw the event of Lal Masjid in Islamabad where extremists took law
into their own hands. In the heart of Pakistan - capital city - and to the
great embarrassment of the nation around the world... These people - what
didn't they do? - these extremists. They martyred police. They took police
hostage. They burned shops. The Chinese, who are such great friends of ours -
they took the Chinese hostage and tortured them. Because of this, I was
personally embarrassed. I had to go apologize to the Chinese leaders, "I
am ashamed that you are such great friends and this happened to you".

Now, about the standoff at the mosque.

One could describe it as Pakistan’s Waco—if Waco had taken place in the heart
of Washington, D.C.

It didn’t get the attention it deserved. As the Times of India dryly observed
of the attack that claimed at least 100 and perhaps 1000 lives:

...the week-long stand-off that ended in a massacre on Tuesday attracted
little attention in the US, where focus is more on the debate over a pullout
from Iraq. In fact, a news channel on Tuesday cut into a story on Lal Masjid to
bring breaking news of a small airplane crash in Florida.

Lal Masjid was controlled by militant clerics who not only proclaimed their
interpretation of sharia law—they enforced it.

One cannot have any objection to the Lal Masjid just preaching
implementation of Sharia in Pakistan. So many organizations are doing so, one
more cannot be objected to. The right of any Muslim to preach adoption of
Sharia is one thing but to take the powers of implementing his own version of
Sharia is another, and the latter is a function of the State....Lal Masjid stands in revolt when it establishes its own Sharia courts, it
passes judgments, and imprisons Pakistanis and foreigners.

Musharraf’s administration had its hands full with the militant,
confrontational, and well-connected (to the intelligence services) cleric who
ran the mosque, Maulana Abdul Aziz.

The difficulties involved can be seen from this excerpt from a timeline
of the mosque crisis compiled by B. Raman, an Indian China-watcher who is assiduous
in washing Pakistan’s dirty linen on the site Intellibriefs:

January 22, 2007: Female students of the Jamia Hafsa madrasa attached to
the Lal Masjid in Islamabad occupied a Children’s Library adjacent to their
madrasa to protest against the demolition of seven unauthorised mosques
constructed on roads in Islamabad by which President Pervez Musharraf often
travels. The mosques were demolished on the advice of his personal security
staff.

February 13, 2007: The authorities agreed to rebuild one of the demolished
mosques to end the library standoff, but the students refused to vacate the
library.

March 27, 2007: The female students, along with their male colleagues from
the Jamia Faridia, another madrasa attached to the mosque, raided a house near
the mosque and kidnapped a woman, her daughter-in-law and her six-month-old
granddaughter for allegedly running a brothel. They were released after they
“repented”.

March 28, 2007: Some students of the two madrasas took three policemen
hostage in retaliation for the arrest of some students by the police. The
hostages were released on March 29.

March 30, 2007: Some madrasa students visited CD and video shops in the
capital and warned the shop owners that they should either switch to another
business or face the “consequences”.

April 6, 2007: The Lal Masjid set up its own Sharia court. The mosque’s
chief cleric, Abdul Aziz, warned of “thousands of suicide attacks” if the
Government tried to shut it down.

April 9, 2007: The Sharia court issued a fatwa condemning the then Tourism
Minister Nilofar Bakhtiar after newspapers pictured her hugging her parachuting
instructor in France.

You get the picture. Escalating confrontation, with the government
conciliating, accommodating, and backing down.

After exposing the skydiving outrage, the students of Lal Masjid turned their
attention to another font of impurity—a Chinese-run massage parlor in
Islamabad.

Male and female students of Jamia Faridia, Jamia Hafsa and Beaconhouse
School System, in a joint operation, kidnapped the Chinese women and Pakistani
men shortly after midnight Friday from a Chinese massage centre, working at
House No 17, Street 4, F-8/3, alleging that they were running a brothel. ......

Riding in three vehicles, the students ... raided the massage centre
located in the posh Islamabad sector. They overpowered three Pakistani males
and guards posted there after thrashing them.

They, later, entered the building and ordered those present there to
accompany them. On refusal, the students thrashed them and forcibly took them
to the Jamia Hafsa compound. They accused the abducted people of rendering
un-Islamic and unlawful services....

Ghazi [of Lal Masjid] said the China massage centre was involved in sex
trade and complaints were being received about it since long. "Even
housewives used to tell us by phone that the centre charges Rs 1,000 for
massage while by paying Rs 500, something else was also available," he
said.

Then the anxious confab with the Chinese:

President Pervez Musharraf and Prime Minister Shaukat Aziz were earlier
given minute-by-minute reports of the negotiations regarding the release of the
hostages. ... The prime minister was in contact with the Islamabad
administration and the Interior Ministry and getting minute-by-minute reports
from State Minister for Interior Zafar Warriach....The Chinese ambassador contacted President Hu Jintao two times during the
15-hour hostage drama, sources said. The ambassador called his president while
holding talks with Pakistan Muslim League chief Chaudhry Shujaat Hussain at his
residence.

... Sources quoted President Hu Jintao, expressing shock over the kidnapping
of the Chinese nationals, has called for security for them. The ambassador
informed his president about his talks with Prime Minister Shaukat Aziz and
Chaudhry Shujaat Hussain. The PML leader also got telephonic contact
established between the hostages and the ambassador.

The ignominious conclusion:

The release came only after Deputy Commissioner Chaudhry Muhammad Ali and
Senior Superintendent of Police (SSP) Zafar Iqbal, who held talks with the Lal
Masjid administration, beseeched it for five hours and even touched the knees
of some leading clerics while begging for the freedom of the abductees.

Finally, the tellingly sleazy detail:

The administration quietly let two "big shots", Pakistani
customers, go and released their vehicles, seized from outside the massage
centre... The identity of these clients is not being disclosed.

Beyond President Hu Jintao’s tender regard for the security and livelihood of
Chinese masseuses, there was obviously a larger issue at stake. China did not
want to see its citizens and interests to become pawns in Pakistan’s internal
strife.

It's a non-trivial point for China, which lacks the military reach to
effectively protect its overseas citizens itself, but does not want to see them
turned into the bargaining chip of first resort for dissidents in dangerous
lands like Pakistan, Sudan, Nigeria, and etc. who are looking to get some
leverage on the local government--or Beijing.

It looks like China demanded that Pakistan draw a red line at the abduction,
extortion, and murder of its citizens.

A week after the kidnapping incident, Pakistan’s Federal Interior Minister was
in Beijing.

Once more from the Intellibriefs timeline:

June 29, 2007: The "Daily Times" of Lahore wrote in an editorial
as follows: "During his visit to Beijing, Sherpao got an earful from the
Chinese Minister of Public Security, Zhou Yongkang, who asked Pakistan for the
umpteenth time to protect Chinese nationals working in Pakistan. The reference
was to the assault and kidnapping of Chinese citizens in Islamabad by the Lal
Masjid vigilantes. The Chinese Minister called the Lal Masjid mob “terrorists”
who targeted the Chinese, and asked Pakistan to punish the “criminals”.

One factor that would have intensified Chinese alarm and exasperation was a
report that the attack on the massage parlor revealed a tie-up between
Pakistan’s Islamic militants and Uighur separatists:

Mr.Sherpao also reported that the Chinese suspected that the raid on the
massage parlour was conducted by some Uighur students studying in the Lal
Masjid madrasa and that the Chinese apprehended that Uighur
"terrorists" based in Pakistan might pose a threat to the security of
next year's Olympics in Beijing.

In early July Musharraf apparently was able to invoke China’s anger to overcome
resistance within his armed forces, and move against Lal Masjid.

Even so, he was forced to employ troops personally loyal to him, as the Weekly
Standard reported:

China applied enormous pressure to Musharraf. His previous attempts to
order military strikes against the Lal Masjid had met with rebuffs. In late
January, after the Pakistani army refused to raid the mosque, Musharraf ordered
his air force to do so--only to see this order refused as well. Musharraf's
eventual solution was to send in 111 Brigade, which is personally loyal to him.

The mosque was encircled by 15,000 troops and the siege proceeded in a dilatory
fashion...until three Chinese were murdered in remote Peshawar, apparently in
retaliation for the siege.

But one witness said that attackers with face covered were shouting
religious slogans when they opened fire on four Chinese nationals in a
three-wheel auto-rickshaw factory at Khazana, a town some eight kilometers from
Peshawar, the capital city of Pakistan's North West Frontier Province.

The Chinese outlets splashed the story all over the media, including their
embassy websites, complete with atrocity photos—a treatment that the
unfortunate demise of rickshaw factory employees doesn’t usually attract.

On July 2, barely a week after the abduction, the government ordered 15,000
troops around the mosque compound to flush out the militants. On July 4, it
arrested the leader of the militants, Maulana Abdul Aziz ... After apprehending
the leader, government troops moved to choking off the militants’ supplies of
food, water, and power. But as soon as word of the revenge killing of three
Chinese on July 8 reached Islamabad, it created a “perfect storm” for Gen.
Musharraf. Embarrassed and enraged, he reversed the troops’ strategy and
ordered them, on July 10, to mount an all-out assault at the mosque, in which
Aziz’s brother and his deputy, Abdul Rashid Ghazi, together with as many as
1,000 people, was killed.

Wednesday, December 17, 2014

On technical grounds, there’s problems like this, pointed out by Jeffrey Carr (h/t to “@SaiGonSeamus), who wrote a book on cyberwarfare:

The White House appears
to be convinced through "Signals intelligence" that the North
Korean government planned and perpetrated this attack against Sony:

In one new detail, investigators have uncovered an instance
where the malicious software on Sony’s system tried to contact an Internet
address within North Korea

There is a common misconception that
North Korea's ITC is a closed system therefore anything in or out must be
evidence of a government run campaign. In fact, the DPRK has contracts with
foreign companies to supply and sustain its networks. Those companies are:

Lancelot Holdings

Loxley Pacific

Shin Satellite Corp

Orascom Telecomms Holding

Each offers a different service, but
Loxley Pacific, a Thailand joint venture involving Loxley (Thailand), Teltech
(Finland), and Jarangthai (Taiwan).

Loxley Pacific is a subsidiary of Loxley, a Thai public company
that provides a variety of products and services throughout the Asia Pacific
region. According to its 2013
annual report, Loxley has 809 permanent staff and 110 contract staff.

Loxley Pacific provides
fixed-telephone lines, public payphone, mobile phones, internet, paging,
satellite communications, long-distance/international services, wire or
wireless in the Rajin-Sonbong Free Economic and Trade Zone. Star JV is North
Korea's internet service run as a joint
venture between the North Korean government and Loxley Pacific.

One of the easiest ways to
compromise the Internet backbone of a country is to work for or be a vendor to
the company which supplies the backbone. For the DPRK, that's Loxley, based in
Bangkok. The geolocation
of the first leak of the Sony data on December 2 at 12:25am was traced to
the St. Regis hotel in Bangkok, an approximately 13 minute drive from Loxley
offices.

This morning, Trend
Micro announced that the hackers probably spent months collecting passwords
and mapping Sony's network. That in addition to the fact that the attackers
never mentioned the movie until after the media did pretty much rules out
"The Interview" as Pyongyang's alleged reason for retaliation. If one
or more of the hackers involved in this attack gained trusted access to Loxley
Pacific's network as an employee, a vendor, or simply compromised it as an
attacker, they would have unfettered access to launch attacks from the DPRK's
network against any target that they wish. Every attack would, of course, point
back to the hated Pyongyang government.

Under international law, "the
fact that a cyber operation has been routed via the cyber infrastructure
located in a State is not sufficient evidence for attributing the operation to
that State" (Rule 8, The Tallinn Manual). The White House must responsibly
evaluate other options, such as this one, before taking action against another
nation state. If it takes such action, and is proved wrong later, which it
almost certainly will be, the reputation of the U.S. government and the
intelligence agencies which serve it will be harmed.

China may have helped North Korea carry out the hacking attack on Sony
Pictures, a US official has told Reuters.

The official, who spoke on condition of anonymity, said the conclusion of
the US investigation was to be announced later by federal authorities. …There were also reports on Friday that Iran and Russia may have also helped
the North Korean hackers.

The software used in the hacking was at a level of sophistication not
previously seen in past North Korean attacks, a US intelligence source told Fox News, adding that China, Iran and Russia had
all used the technology previously.

Bear in mind, this is from the anonymous official who’s
making the case for North Korea.

Also, unfortunately, there is the whole political angle.

When America, even in the form of a Japan-owned movie
studio, is attacked, the US government wants to strike when the iron is hot,
i.e. when fear and anger are at a fever pitch, and the sense of outrage is unencumbered
by second thoughts like “Do I really care what happens to Sony?” "How far am I willing to go to defend Seth Rogen's freedom of expression?" or even "Did the hackers actually do us all, including Rogen & Franco, a favor by removing The Interview--by all accounts a real stinker--from the market place?"

Unfortunately, cyberattacks don’t lend themselves to quick
attribution or, for that matter, even ultimate attribution.And for a government that does not want to
make a spectacle of its impotence, waiting on due process and evidentiary
niceties to produce the conclusion, “Well, the circumstances argue this, but we
could never prove it in a court of law” doesn’t really cut it.

I have a suspicion that the United States has an app for
that: blame somebody, preferably somebody unpopular, as quickly and
categorically as possible.

So I see the quick attribution of the hack to North Korea
part of the “Infowar” mindset, one that obsesses inside-the-Beltway types but I
don’t think is really on anybody else’s radar: the idea that the government has
to be able to manipulate and guide public opinion even in less than crystal
clear situations, if it has hopes of being effective.

In other words, When in doubt, finger the bad guy.There’s no downside, only upside.

[On 9/11] Rumsfeld ordered the military to begin working on strike
plans. And at 2:40 p.m., the notes quote Rumsfeld as saying he wanted
"best info fast. Judge whether good enough hit S.H." – meaning Saddam
Hussein – "at same time. Not only UBL" – the initials used to
identify Osama bin Laden.
…
"Go massive," the notes quote him as saying. "Sweep it all up.
Things related and not."

Who’s going to stand up and defend Kim Jung Un and the idea of due process and legal rigor in dealing with North frickin' Korea? Nobody. And we've now got a free turn to take another swing at North Korea if and when we want to.

My melancholy prediction: even as cybercrimes become harder to attribute, governments will become quicker, more vociferous, and less scrupulous in providing those attributions.

CH]

I came over this measured exercise
in opinion journalism penned by “Alec Ross, Senior Fellow at
Columbia University's School of International & Public Affairs” over
at Huffington Post:

North Korea is a miserable, backward,
hellhole of a place. It has a per capita GDP of less than $2,000 -- trailing
Yemen, Tajikistan and Chad -- and about one-sixteenth the size of the GDP of
South Korea. The Hermit Kingdom derives its power through the twin pillars of
state repression and an all-encompassing propaganda apparatus.

This poor, delusional country managed
to wallop Sony after it objected to the content of some movie which I can't
remember the name of at the present moment but which looks boring and stupid. ..

Kinda funny, in a way, since the FBI has stated there isn’t
sufficient evidence to attribute the attack to North Korea at the present time,
and in fact some people are pointing fingers at the People’s Republic of China
instead.More about China later.

Hmmm, I said to myself, and I surfed off to find out whether
Mr. Ross was indeed a fellow at some hallowed Ivy, or perhaps the meth-crazed
denizen of some non-accredited on-line institution in Columbia, South Carolina.

Alec Ross (born November 30, 1971) was Senior Advisor for Innovation
to Secretary of State Hillary Clinton for the duration
of her term as Secretary of State, a role created for him that blends
technology with diplomacy.[2]
As Secretary Clinton's "tech guru,"[3]
Ross led State Department's efforts to find practical technology solutions for
some of the globe's most vexing problems on health care, poverty, human rights
and ethnic conflicts, earning him numerous accolades including the Distinguished Honor Award. In 2010 Ross
was named one of 40 leaders under 40 years old in International Development,[4]
and Huffington Post included him in their list of 2010 Game Changers as one of
10 "game changers" in politics.[5]
He is also one of Politico's 50 Politicos to Watch as one of "Five people
who are bringing transformative change to the government."[6]
Foreign Policy magazine named Ross a Top Global Thinker in 2011.[7]
U.S. Ambassador to the United Nations Samantha Power, speaking at the White
House referred to Alec Ross as "One of the most creative people probably
that the U.S. government has ever known." [8]
Profiled in 2011, Time Magazine describes how Ross is incorporating digital
platforms into the daily lives of U.S. diplomats and his support of programs to
train activists in the Middle East.[9]
Time Magazine also named Alec Ross one of the best Twitter feeds of 2012.[10]
In 2012, Newsweek named Alec to their Digital Power Index Top 100 influencers,
listing him among other "public servants defining digital regulatory
boundaries,"[11]
and the TriBeCa Film Festival awarded Ross a Disruptive Innovation Award.[12]
Alec Ross is recipient of the Oxford Internet Institute OII Award 2013.[13]

… In April 2009, Ross was tapped to join the State
Department. As Senior Advisor on Innovation, he successfully advocated for
new digital diplomacy tools.[25]
In front of a group of activists, Hillary Clinton described his work by saying
that "Alec Ross has been my right hand on all that we're doing for
internet freedom."[26]
He is spearheading the "21st Century Statecraft" initiative[27]
and led Civil Society 2.0, a program to educate and train grass-roots
organizations around the world to create Web sites, blog, launch text messaging
campaigns, and build online communities.[28]
Speaking to digital diplomacy's promise, Ross told The American Prospect,
"If Paul Revere had been a modern day citizen, he wouldn't have ridden
down Main Street. He would have tweeted."[27]

…During the Libyan uprising, Alec drove the State Department's efforts to
"restore communication networks in rebel-held territories such as
Benghazi, working with the late Amb. Chris Stevens, to fight the Internet blackout
imposed by Libyan leader Muammar al-Qaddafi."[32]
Ross' team also "provided communications technologies to opposition
members in the Syrian border areas and trained NGOs on how to avoid the
regime's censorship and cyber snooping."[32]

… In the eastern Democratic Republic of Congo, Ross … also put together a
mobile banking program for soldiers who haven’t been paid in years, empowering
them with the ability to securely transfer money and save through accounts over
cellphones.[28]

Gadzooks, I thought.Benghazi! No, really, I realized this is Hillary Clinton’s go-to guy for evil-empire related digital
policy, besties with Samantha Power, and also an indispensable, foundational figure
in the compilation of end-year listicles.

Upon reviewing these credentials, my concerns were allayed,
and I look forward to our 21st-century high speed, high efficiency digital justice system,
which pitches cumbersome anachronisms such as evidence and due process off the
steamship of modernity (to paraphrase my favorite Mayakovsky bit), and allows the
simultaneous posting of crime, sentence, and punishment on the pages of our new
court record, Huffpo.

But seriously.

The Sony hack apparently involves a major investment of time
and resources, which are available both to governments and to criminal
gangs.What makes the Sony hack kinda
special is that, once access was obtained and the goodies extracted, the
intruders torched the place and made a public spectacle of their crime.

Going the extra mile in vandalism and humiliation would seem
to argue some political purpose beyond simple malice, mischief, and greed, and
observers have naturally gravitated toward a narrative of North Korean revenge
for The Interview.

But, you know, maybe something Chinese.Not an operation sanctioned by the PRC
government, to be sure—the benefits are miniscule (unless Xi Jinping just
absolutely had to see Annie
pre-release) compared to the potentially immense diplomatic and economic costs—but
maybe some kind of off the books operation by rogue, nationalistic minded
hackers who decided to stick it to a vulnerable Japanese corporation as
punishment for the Japanese government’s confrontational attitude toward the
PRC over the Senkakus, the pivot, etc.

One of the more interesting cases bubbling along incybercrime is the early-December arrest of 77 (!) PRC nationals crammed into a house with
their computer gear in an upscale Nairobi neighborhood, allegedly with criminal
designs on the Kenyan banking system.

The PRC surfs and hacks the world looking for system
vulnerabilities, and I’m beguiled by the possibility that a government cyber
operation discovered a vulnerability in the Kenyan banking system, and a
freelancing group of hackers decided to exploit that information for some
private and profitable breaking and entering.

I suspect in the brave, new world of PRC hacking, there is a
growing cadre of entrepreneurially minded or ideologically driven hackers who
can bring impressive information, resources, and skills to bear on a chosen
objective.

Given the difficulties of identifying a smoking gun as to an
originating server—let alone a controlling individual or institution—Ross speculated a
private sector riposte which sounds rather ridiculous:

It is only a matter of
time before some hotshot group of engineers recognizes and stalls a cyber
attack and instead of calling the authorities (who can't do anything anyway),
the VP of Engineering orders a counter attack against the aggressor. If Sony
had a better engineering department --- if it were a little more Northern
California instead of Southern California -- I wonder what would have happened
if they had identified the source of the hack and shot back with a DDoS attack.
Would the North Koreans have considered this an "invasion" by the
United States or Japan (where Sony is actually headquartered). They are
complete lunatics, so they probably would.

I can only hope that, if Hillary Clinton is elected
president, they will give Alec Ross a phone that can only call 911 and a computer
that is not plugged in to the Internet.

Functionally, the Sony hack resembles the “Shamoon” hack of
the Aramco network in Saudi Arabia, itself perhaps retaliation for the
US/Israeli Stuxnet attack on Iran’s centrifuge operation.In addition to a data drain, Shamoon featured
the wiping of target hard drives and the presentation of a taunting message on
computer screens.

I wrote about Shamoon for Asia Times Online in 2013, and pointed out the implications of larger and more sophisticated
cyberintrustions.

[T]the
PRC and Russia have lined up behind a proposed "International Code of
Conduct for Internet Security", an 11-point program that says eminently
reasonable things like:

Not to use
ICTs including networks to carry out hostile activities or acts of aggression
and pose threats to international peace and security. Not to proliferate
information weapons and related technologies.

It
also says things like:

To cooperate
in combating criminal and terrorist activities which use ICTs [information and
computer technologies] including networks, and curbing dissemination of
information which incites terrorism, secessionism, extremism or undermines
other countries' political, economic and social stability, as well as their
spiritual and cultural environment. [11]

The United States, of course, has an
opposite interest in "freedom to connect" and "information
freedom," (which the Chinese government regards as little more than
"freedom to subvert") and has poured scorn on the proposal.

The theoretical gripe with the PRC/Russian proposal is that it endorses the
creation of national internets under state supervision, thereby delaying the
achievement of the interconnected nirvana that information technology
evangelists assure us is waiting around the next corner - and also goring the
ox of West-centric Internet governing organizations like ICANN.

So the Chinese proposal is going exactly nowhere.

The (genuine) irony here is that the Chinese and Russians are showing and
driving the rest of the world in their response to the undeniable dangers of
the Internet ecosystem, some of which they are themselves responsible for but
others - like Stuxnet - can be laid at the door of the US.

In response to hacking, the Internet as a whole has evolved beyond its open
architecture to a feudal structure of strongly-defended Internet fortresses,
with cyber-surfs free to roam the undefended commons outside the gates, glean
in the fields, and catch whatever deadly virus happens to be out there.

In recent months, the word "antivirus" has disappeared from the
homepages of Symantec and MacAfee as they have recognized that their reference
libraries of viruses can't keep up with the proliferation of millions of new
threats emerging every year, let alone a carefully weaponized packet of code
like Stuxnet, and protect their privileged and demanding users. Now the
emphasis - and gush of VC and government money - has shifted to
compartmentalizing data and applications and detecting, reducing the damage,
and cleaning up the mess after a virus has started rummaging through the
innards of an enterprise.

In other words, the Internet fortresses, just like their medieval analogues,
are increasingly partitioned into outer rampart, inner wall, and keep -
complete with palace guard - in order to create additional lines of defense for
the lords and their treasure.

In other words, they are starting to look like the Chinese and Russian national
internets.

It is, unfortunately, a simple and incontrovertible fact
that, if we want to effectively detect, block, and investigate cyberattacks,
the solution is tightly monitored, internally accountable national internets
along the lines implemented by the PRC, Iran, and, increasingly Russia and
Brazil.Under this model, states have the capability, right, and
responsibility to police their digital borders as they do their physical
borders.

This approach is, of course, anathema to Mr. Ross, as it
raises the specter of oppressive governments stifling dissent and inhibiting
free expression at the same time they pursue cybersaboteurs.

It also flies in the face of the US strategic and economic
interest in an open transnational network accessible to Google bots and NSA
penetration, that places American government and corporate entities at the profitable, vulnerable heart of the Internet, and makes it dependent on US good offices, just as the international
financial system still is today.

Unfortunately, the US, in its interest in sustaining an
open, transnational, and easily compromised Internet, is at the same time demonstrably unable and
unwilling to effectively secure it or police it fairly. That’s why the current Internet has the
structural robustness and integrity of a bag of shit thrown from a third-story
window.

And that’s why I’m afraid our response to outrages like the Sony hack will be to use the language of
deterrence and intimidation--and private sector vigilantism--to shift focus away from the profound and probably
irreconcilable contradictions that form the foundation of the current Internet.